NEXt generation Techno-social Legal Encryption Access and Privacy nextleap.eu Grant No. 688722. Project started 2016-01-01. Duration 36 months. DELIVERABLE D6.6 STANDARDISATION REPORT Harry Halpin (INRIA) Beneficiaries: INRIA (lead) Workpackage:6 Description: The standardization-related efforts and achievements will be collected in this report, with a focus on federated identity, secure asynchronous messaging (email), synchronous messaging, and privacy- enhanced crowd-sourcing for collective intelligence via privacy-enhanced cloud analytics. The state of the standardization of each of these deliverables and their uptake by both grassroots-activists, governments, and industry will be assessed Version: 1.0 Nature: Report (R) Dissemination level: Public (PU) Date: 2018-12-31 Project co-funded by the European Commission within the Horizon 2020 Programme. D6.6 NEXTLEAP Grant No. 688722 Contents 1 Standardization Achievements of NEXTLEAP 3 2 The Landscape of Decentralized Standards: How NEXTLEAP fits in 4 3 Identity: The Foundation of the Social Web 5 4 Metadata: The Semantic Web Revisited 8 5 Transport: The Bits on the Wire 10 6 Discovery 12 7 Lessons Learned 14 8 Next Steps: Blockchain Technology 15 2 Page 2 of 41 D6.6 NEXTLEAP Grant No. 688722 1 Standardisation Achievements of NEXTLEAP Over the course of the project, NEXTLEAP has leveraged the protocols that were created within the context of the NEXTLEAP project within standards bodies where appropriate. Overall, this has met with very different kinds of success depending on the standard at hand and the kind of community – and thus governance – built around the protocol. The deliverable D3.6 features case studies of governance and standardization based on detailed ethnographic work around Autocrypt, MLS, and blockchain technologies. In contrast, this report quickly captures the highlights of the standardization of NEXTLEAP, and then situations NEXTLEAP’s work within the larger legacy of failed previous attempts to decentralize the larger Social Web. Although the protocols designed by NEXTLEAP are quite low-level, we argue that the do not easily replicate the failures of the previous standardization effort as we synthesize the wide-spanning history of decentralization via standardization. NEXTLEAP featured four main technical components: federated identity, e-mail (originally entitled “asychronous messaging” although used by Delta.chat for instant messaging), secure messaging (originally entitled “syn- chronous messaging” although secure messaging protocols like Signal and MLS now handle messages in the asychronous setting, just not backwards compatible with e-mail), privacy-enhancing analytics.The standardiza- tion assessments of NEXTLEAP are as follows: • ClaimChain (Federated Identity): Claimchain is currently mature but not standardized. The reason is because it is still a research project that exists primarily as running code (see D4.1), and currently as it is a variant of popular blockchain technology but does not belong to an existing cryptocurrency such as Bitcoin or Ethereum, there is not a clear standardization process for it. However, it has been proposed to the MLS (Message Layer Security) IETF Working Group as one method for future federation standardization, and is already as running code being integrated against Autocrypt (see D5.2). Therefore, Claimchain as such as no actual uptake from grassroots activists or governments as it has not yet been integrated into popular applications, although it does have uptake and interest from the open-source industry community around PGP and Autocrypt. Nonetheless, as there is much interest from activists and governments in MLS, the eventual standardization of ClaimChain is still possible as a core option within Autocrypt (as explored in D5.3) and eventually even MLS. • Autocrypt (Asynchronous Messaging): Autocrypt is informally specified. This community-led effort is still aiming primarily to fix the usability problems in PGP discovered in WP3 via the “bottom-up” community- driven strategy with key open source projects like Thunderbird and new projects like Delta.chat, and thus it was felt that the much more formal IETF standards process would exclude too many open-source community programmers. However, the effort has attracted the interest of the long-dormant OpenPGP Working Group at the IETF, and so it is expected that the cryptographic problems identified by D4.3 be adopted into the next iteration of the OpenPGP Working Group. While in 2016, there seemed almost no interest and cohesion in the OpenPGP community and thus the IETF was only willing to charter elementary changes to update cryptographic operations in OpenPGP but no substantial changes, it is to expected in that after the end of NEXTLEAP, there will be a revised OpenPGP Working Group. • Message Layer Security (Synchronous Messaging): MLS is undergoing standardization. This effort is being directed via a traditional “top-down” standards process at the IETF, with the Working Group and all in-progress standards being available online.1. After the problem was noticed by NEXTLEAP in WP3 and an initial solution (Asynchronous Ratchet Trees) proposed by University of Oxford researchers [3], the latest version from Inria (TreeKEM) is being formally verified in D4.3, and has already been made part of the standard. Although Signal has so far remained silent on whether they would join the effort, both European messaging providers such as Wire and Silicon Valley messaging providers (Google, Cisco, Facebook, and Facebook’s WhatsApp messenger as well) have all endorsed the effort, as well as large open-source projects like Mozilla who plan to integrate MLS into the browser. One of the largest victories by NEXTLEAP researchers is ensuring that MLS remains decentralized by working with Wire and even gaining the support of Google for MLS being a federated protocol, as outlined in D2.3. This work will con- 1https://datatracker.ietf.org/wg/mls/about/ 3 Page 3 of 41 D6.6 NEXTLEAP Grant No. 688722 tinue to attract the interest of academics, as shown by the Workshop on Secure Messaging at Eurocrypt 2019, co-chaired by Inria.2 • Privacy-Enhanced Analytics): The work on privacy-enhanced “wisdom of crowds” is currently still re- search. The work done by NEXTLEAP in D2.4 led to a number of innovative consensus protocols such as Blockmania and ways to detect attacks in decentralized networks such as Sybil-Quorum, as well as new results in privacy-enhanced information retrieval. This work is not immature, as it has already produced code given in D5.4 that is being used by startups and open-source projects such as ChainSpace on an industrial scale. However, the work is very new and consists of a number of separate components, and thus does not present as a single item itself as ready for standardization. 2 The Landscape of Decentralized Standards: How NEXTLEAP fits in Far from being a mere technical concern, the promise and failures of decentralization via open standards in terms of Internet governance are a matter of pressing public concern. The fate of the Internet as a common socio-technical infrastructure for our personal data is one of the most intimate yet political questions of future generations. Due to controversies around the selling of personal data by companies like Cambridge Analytica and the passage of laws like the General Data Protection Regulation in the European Union, the general public is waking up to the world-historical danger posed by the system of control created by the rise of a few centralized platforms such as Google and Facebook. Interestingly enough, ordinary software engineers were aware of the dangers of centralization at the very advent of social networking3 and have long been attempting to build practical decentralized systems to counter these threats to human freedom. Given that the original World Wide Web itself was created via open standards like TCP/IP, HTTP, and URIs, it should come as no surprise that the strategy deployed by these grassroots computer programmers to counter the control of Google, Facebook, and other centralized platforms was primarily based on creating new open standards for decentralizing social data and protecting personal data. Social data is data about the relationships between people and their environment, and so can be considered a commons in terms of ownership and possibly governance [13]. Social data would clearly include data like maps and public government or scientific data. On the other hand, personal data is considered data that reveals information about an individual, and thus the ownership and governance of this data can be considered a matter of self-determination of the individual [14]. Personal data would include personal names, addresses, identity card numbers, and so on. Of course, this division relies on inscribing a number of ontological categories that ultimately may not actually hold true. All data is social as it is dependent on a complex web of social relationships that characterize a process of collective individuation (as put by Stiegler), where - at any given moment - the individual is considered a result of continual co-evolution with their socio-technical infrastructure [9]. However, what is clearly self-evident is that regardless of the dialectic between social collectivity and individual autonomy, data itself is not as simple as individual or even collective property rights: One does not “own” data in the same manner one owns a coat or a house. Data around “friends” is neither clearly social nor personal: